DaviewIndy v8.98.7.0 and earlier versions have a Integer overflow vulnerability, triggered when the user opens a malformed format file that is mishandled by DaviewIndy. Attackers could exploit this and arbitrary code execution.
References
Link | Resource |
---|---|
http://datools.kr/zeroboard/view.php?id=datools_notice&page=5&sn1=&divpage=1&sn=off&ss=on&sc=on&select_arrange=headnum&desc=asc&no=506 | Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: krcert
Published: 2021-07-12T13:40:38
Updated: 2021-07-12T13:40:38
Reserved: 2020-01-22T00:00:00
Link: CVE-2020-7872
JSON object: View
NVD Information
Status : Analyzed
Published: 2021-07-12T14:15:07.917
Modified: 2021-07-14T12:27:25.013
Link: CVE-2020-7872
JSON object: View
Redhat Information
No data.
CWE